<?php

		require_once('functions.php');
		session_start();
		

		if(isset($_POST['submit'])) {
			if (isset($_POST['username']) && isset($_POST['pass']) && $_POST['username'] != '' && $_POST['pass'] != '') {
				$link = makeSQLconnection();
				
				$username = mysql_real_escape_string($_POST['username']);
				$userPass = mysql_real_escape_string($_POST['pass']);
				
				$q1 = sprintf("SELECT * FROM `USERS`");
				$r1 = mysql_query($q1, $link);
				
		$found = false;
		while($data = mysql_fetch_assoc($r1)){
			if($data['Username'] == $username) {
				$correctPassword=$data['Password'];
				$found = true;
			}
		}
		
				if (!$found) {
					if(!isset($_SESSION['username']))
							loginForm();
					echo "No such user.";
				}else{
					if ($correctPassword === $userPass) {
						$_SESSION['username'] = $username;
						header('Location: menu.php');
					} else {
						if(!isset($_SESSION['username']))
							loginForm();
						echo 'Wrong password.';
							 
					}
								//if(!isset($_SESSION['username']))
									//loginForm();
				}
			
				mysql_close($link);
			} else {
						if(!isset($_SESSION['username']))
							loginForm();
					echo'Please fill in all the required information.</body>
					</html>';
			}
		} else {
			header('Location: login.php');
		}
	?>
	
	
